Cisco VPN 5000 Client - Buffer Overrun (1)

// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...

CVE-2002-1100

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service crash via a long 1 username or 2 password to the HTML login interface...

CVE-2002-1101

Cisco VPN 3000 Concentrator 2.2.x, 3.6Rel, and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name...

CVE-2002-1103

The CVE-2002-1103 issue affects Cisco VPN 3000 Concentrator devices running 2.2.x, 3.6(Rel), and 3.x before 3.5.5. The root cause is handling ISAKMP packets; malformed or an excessive number of ISAKMP packets can cause the device to reload, resulting in a denial of service. Attacks can be perform...

CVE-2002-1101

Cisco VPN 3000 Concentrator versions 2.2.x, 3.6(Rel), and 3.x before 3.5.5 are affected by CVE-2002-1101. The vulnerability allows remote attackers to cause a denial of service by sending a long username, indicating an input handling flaw that can exhaust resources and affect availability. No exp...

CVE-2002-1094

Cisco VPN 3000 Series Concentrator Information Disclosure (CVE-2002-1094) affects 2.x.x and 3.x.x firmware up to but not including 3.5.4. The vulnerability leaks potentially sensitive information via banners in SSH, FTP, or an incorrect HTTP request, allowing remote information disclosure without...

CVE-2002-1100

CVE-2002-1100 affects Cisco VPN 3000 Concentrator versions 2.2.x and 3.x prior to 3.5.3. The vulnerability allows remote attackers to trigger a denial of service (crash) by sending an excessively long username or password to the HTML login interface. The issue is evidenced by the NVD description ...

CVE-2002-1103

Cisco VPN 3000 Concentrator 2.2.x, 3.6Rel, and 3.x before 3.5.5, allows remote attackers to cause a denial of service via 1 malformed or 2 large ISAKMP packets...

CVE-2002-1094

Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the 1 SSH banner, 2 FTP banner, or 3 an incorrect HTTP request...

Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set Revision 1.0 For Public Release 2002 September 05 UTC 1500 ---------------------------------------------------------------------- Contents Summary Affected Products Detail...

Cisco VPN Client Multiple Vulnerabilities - Second Set

...

CVE-2002-0852

Buffer overflows in Cisco Virtual Private Network VPN Client 3.5.4 and earlier allows remote attackers to cause a denial of service via 1 an Internet Key Exchange IKE with a large Security Parameter Index SPI payload, or 2 an IKE packet with a large number of valid payloads...

CVE-2002-0853

Cisco Virtual Private Network VPN Client 3.5.4 and earlier allows remote attackers to cause a denial of service CPU consumption via a packet with a zero-length payload...

SecuRemote usernames can be guessed or sniffed using IKE exchange

SecuRemote usernames can be guessed or sniffed using IKE exchange Introduction: ------------- While performing a VPN security analysis for one of our customers, I discovered a potential issue with Firewall-1 SecuRemote IKE which can allow usernames to be guessed. I also observed the related issue...

Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities Revision 1.0 For Public Release 2002 September 03 at 1500 UTC ---------------------------------------------------------------------- Contents Summary Affected Products Detai...

Cisco VPN 3000 Concentrator Multiple Vulnerabilities

...

Cisco VPN 3000 Series Concentrator Client - Authentication Denial of Service

Cisco VPN 3000 Series Concentrator Client - Authentication Denial of Service // source: https://www.securityfocus.com/bid/5620/info Cisco VPN 3000 series concentrators are prone to a denial of service condition when receiving an overly long username string during authentication from a VPN client...

Multiple Cisco VPN 3000 Vulnerabilities

...

Cisco VPN 3000 series concentrator does not properly handle malformed ISAKMP packets

Overview Cisco VPN 3000 series concentrators do not properly handle specially crafted Internet Security Association and Key Management Protocol ISAKMP packets, which can cause a vulnerable device to reload, denying service to legitimate users. Description According to information on the Cisco web...

Cisco VPN 3000 Series Concentrator Client - Authentication Denial of Service

// source: https://www.securityfocus.com/bid/5620/info Cisco VPN 3000 series concentrators are prone to a denial of service condition when receiving an overly long username string during authentication from a VPN client. Successful exploitation will cause the device to reload. / ISAKMP Cisco VPN...